Skip to content

Install or update the VPS

Ycarus (Yannick Chabanois) edited this page Feb 1, 2024 · 104 revisions

You need to have a MPTCP kernel,shadowsocks-libev, Glorytun, and a few services installed on the VPS. The VPS script will install and configure them for you.

MPTCP will not work on OpenVZ but you can use Glorytun UDP if TUN module is available.

Tested and working on (in alphabetical order, this is not a recommendation list):

  • Amazon AWS port range 0-65535 in UDP, TCP and ICMP must be opened (US, ZA, HK, CA, UK, BR, BH, IT, IE, DE, JP,...)
  • Aruba Cloud (some transfer limits) (IT, CZ, FR, DE, UK, PL)
  • Avoro (DE)
  • BuyVM no transfer limit, speed limited to 1000Mb/s (US, LU) (there is some issue with the script on this provider)
  • Digital Ocean (some transfer limits) (US, NL, SG, UK, DE, CA, IN)
  • fastpipe.io (GERMANY) (there is some issue with the script on this provider)
  • Firstheberg VPS (no transfer limit, speed limited to 200Mb/s) (FR) (Partition / go Read Only sometimes, a reboot fix the issue)
  • Google Cloud Platform port range 0-65535 in UDP, TCP and ICMP must be opened (US, CA, BR, FI, BE, UK, NL, DE, SW, TW, HK, JP, SG, AU,...)
  • Hetzner Transfer limit to 20TB (DE, FI)
  • Hosterlabs No transfer limit, speed limited to 200Mb/s with 500Mb/s burst (CA)
  • Hostworld no transfer limit (UK, US)
  • Kamatera transfer limit from 1TB to 5TB (CA,DE,HK,IL,UK,US,NL)
  • Linode transfer limit from 1TB to 20TB, speed from 1Gb/s to 12Gb/s (CA, DE, IN, UK, US, JP, SG, AU)
  • Lunanode transfer limit from 1TB to 10TB, speed limited to 100Mb/s (CA, FR)
  • Milkywan IPv4 option is required (No traffic limit, port speed 10Gb/s) (FR)
  • MVPS some SMTP limits (transfer limit from 3TB to 60TB, speed limited to 70Mb/s or 100Mb/s) (DE, FR, GR, NL, SE, UK)
  • OVH/Kimsufi (no transfer limit, speed limited to 100Mb/s-2Gb/s) (FR, CA, PL, DE, UK, AU, SG)
  • Sapinet (No traffic limit, port speed 10Gb/s) (FR)
  • Scaleway recent VPS Virtual SSD Cloud Servers (not BareMetal SSD Cloud Servers and not Arm) with local boot enabled, all ports used by SMTP are blocked by default, can be unblocked (No traffic limit, speed limited to 100-400Mb/s) (FR)
  • Tiktalik (transfer limit 2TB, speed limited to 100Mb/s) (PL)
  • Vultr Cloud Compute VC2 (transfer limit, port speed 1Gb/s) some ports are blocked : https://www.vultr.com/docs/what-ports-are-blocked (US, FR, SG, NL, UK, DE, AU, CA, JP, KR)

The VPS/server need to have the lowest latency as possible with your connections.

Should work on most x86_64 KVM VPS (you need to be able to boot from local kernel) with at least 1024Mo RAM.

Can't work with LXC VPS or in Docker (or host need to have the MPTCP patched kernel).

Work with all dedicated server.

Install/Update on Debian 10 Buster/Debian 11 Bullseye x86_64

(recommended)

If you want IPv6, configure it on the server before running the script.

Connect with SSH on your server, using ssh command under Linux or Putty under windows for example.

You may need to update your server:

apt-get update && apt-get upgrade

Then, as root:

wget -O - https://www.openmptcprouter.com/server/debian-x86_64.sh | sh

or

wget https://www.openmptcprouter.com/server/debian-x86_64.sh
sh debian-x86_64.sh

If you want to use upstream MPTCP (only for testing):

For kernel 6.1 You need to also use router part with kernel 6.1, it's not the default image:

wget -O - https://www.openmptcprouter.com/server-test/debian-x86_64.sh | UPSTREAM6="yes" sh

If you have a certificate error, try: apt-get install -y ca-certificates && sed -i '/^mozilla\/DST_Root_CA_X3/s/^/!/' /etc/ca-certificates.conf && update-ca-certificates -f

The script will install and configure mptcp kernel, shadowsocks, glorytun and shorewall (as firewall). Key for shadowsocks and glorytun are generated by the script.

  • SSH port is changed to 65222 (TCP)
  • Shadowsocks port is 65101 (TCP & UDP)
  • Glorytun port is 65001 (TCP & UDP)
  • OMR JSON admin is 65500 (TCP)
  • OpenVPN port is 65301 (TCP)
  • MLVPN ports are 65201-65208 (UDP)
  • Iperf3 on port 65400 (TCP & UDP)
  • DSVPN port is 65401 (TCP)
  • V2Ray port is 65228 (TCP)
  • Wireguard port is 65311 & 65312 (UDP)
  • ICMP mustn't be blocked

After install, keys are saved in /root/openmptcprouter_config.txt

VPS MUST be rebooted after installation.

Install/Update on Ubuntu Server 20.04 x86_64

(Are you sure you don't want to use Debian ?)

If you want IPv6, configure it on the server before running the script.

Connect with SSH on your server, using ssh command under Linux or Putty under windows for example.

Then, as root:

wget -O - https://www.openmptcprouter.com/server/ubuntu20.04-x86_64.sh | sh

or

wget https://www.openmptcprouter.com/server/ubuntu20.04-x86_64.sh
sh ubuntu20.04-x86_64.sh

This will install and configure mptcp kernel, shadowsocks, glorytun and shorewall (as firewall). Key for shadowsocks and glorytun are generated by the script.

  • SSH port is changed to 65222 (TCP)
  • Shadowsocks port is 65101 (TCP & UDP)
  • Glorytun port is 65001 (TCP & UDP)
  • OMR JSON admin is 65500 (TCP)
  • OpenVPN port is 65301 (TCP)
  • MLVPN ports are 65201-65208 (UDP)
  • Iperf3 on port 65400 (TCP & UDP)
  • DSVPN port is 65401 (TCP)
  • V2Ray port is 65228 (TCP)
  • Wireguard port is 65311 & 65312 (UDP)
  • ICMP mustn't be blocked

After install, keys are saved in /root/openmptcprouter_config.txt

VPS MUST be rebooted after installation.

Install on Debian 9 Stretch x86_64

Script will update Debian 9 to Debian 10 on a fresh install.

Connect with SSH on your server, using ssh command under Linux or Putty under windows for example.

Then, as root:

wget -O - https://www.openmptcprouter.com/server/debian9-x86_64.sh | sh

or

wget https://www.openmptcprouter.com/server/debian9-x86_64.sh
sh debian9-x86_64.sh

This will install and configure mptcp kernel, shadowsocks, glorytun and shorewall (as firewall). Key for shadowsocks and glorytun are generated by the script.

  • SSH port is changed to 65222 (TCP)
  • Shadowsocks port is 65101 (TCP & UDP)
  • Glorytun port is 65001 (TCP & UDP)
  • OMR JSON admin is 65500 (TCP)
  • OpenVPN port is 65301 (TCP)
  • MLVPN ports are 65201-65208 (UDP)
  • Iperf3 on port 65400 (TCP & UDP)
  • DSVPN port is 65401 (TCP)
  • V2Ray port is 65228 (TCP)
  • Wireguard port is 65311 & 65312 (UDP)
  • ICMP mustn't be blocked

After install, keys are saved in /root/openmptcprouter_config.txt

VPS MUST be rebooted after installation.

Update

To update, you have to download and run the script again. Keys will be preserved.

Files used by script

All files available here: https://github.com/Ysurac/openmptcprouter-vps